|
Hello,
Currently on the Wayland ML, a bunch of devs are discussing security issues [0,1] and the need to restrict userland processes' privileges to e.g., take screenshots, act as virtual keyboards or read keyboard events for other apps, etc (basically introducing
privileged interfaces that require explicit user authorisation). We've also been discussing how the introduction of Wayland allows for redesigning and securing authentication and authorisation UIs.
This has led me to question the way authorisation and authentication are currently done, and to write a couple of proposed requirements for both tasks. I'd be very keen on hearing the opinions of various DE developers on a blog post I've written [2], that
focuses a lot on the infrastructure needs (both in Wayland and desktop environments). I'd also like to debate UX aspects of authorisation and authentication UIs. As far as I'm aware GNOME Shell implements a polkit agent and so relies on the polkit infrastructure
for all its auth needs. Given the proposals I made (which really are ideas that need experimentation and refinement), what would fit within the GNOME way of doing things? What's the viewpoint of the UX people in GNOME? Can you spot any missing technical (security
or UX) requirements in the post? Anything you disagree with and want me to review?
Thanks,
[0] http://lists.freedesktop.org/archives/wayland-devel/2014-February/013359.html
[1] http://mupuf.org/blog/2014/02/19/wayland-compositors-why-and-how-to-handle/
[2] http://mupuf.org/blog/2014/03/18/managing-auth-ui-in-linux/
--
Steve Dodier-Lazaro
PhD student in Information Security University College London Dept. of Computer Science Malet Place Engineering, 6.07 Gower Street, London WC1E 6BT OpenPGP : 1B6B1670 |